From owner-freebsd-stable Mon Mar 12 6:41:10 2001 Delivered-To: freebsd-stable@freebsd.org Received: from salmon.maths.tcd.ie (salmon.maths.tcd.ie [134.226.81.11]) by hub.freebsd.org (Postfix) with SMTP id 4FBC137B759 for ; Mon, 12 Mar 2001 06:40:59 -0800 (PST) (envelope-from iedowse@maths.tcd.ie) Received: from walton.maths.tcd.ie by salmon.maths.tcd.ie with SMTP id ; 12 Mar 2001 14:40:58 +0000 (GMT) To: j mckitrick Cc: Alfred Perlstein , freebsd-stable@freebsd.org, iedowse@maths.tcd.ie Subject: Re: suspend/restore with ppp connections In-Reply-To: Your message of "Mon, 12 Mar 2001 13:58:26 GMT." <20010312135826.F86948@dogma.freebsd-uk.eu.org> Date: Mon, 12 Mar 2001 14:40:58 +0000 From: Ian Dowse Message-ID: <200103121440.aa97105@salmon.maths.tcd.ie> Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20010312135826.F86948@dogma.freebsd-uk.eu.org>, j mckitrick writes: > >This *is* userland ppp. I've never used pppd. I saw a crash like this recently - I didn't get a trace/core due to forgetting to set dumpdev and being in X, but thanks to the way Vaios don't clear memory on a reboot, I think I got enough to track this down: sio1: still open, forcing close sio1: unloaded sio1: detached pccard: card disabled, slot 0 resumed from suspended mode (slept 00:00:09) pccard: card inserted, slot 0 ata0: resetting devices .. done sio1 at port 0x2f8-0x2ff irq 11 slot 0 on pccard0 sio1: type 16550A Fatal trap 12: page fault while in kernel mode fault virtual address = 0x8c fault code = supervisor read, page not present instruction pointer = 0x8:0xc02b6c99 stack pointer = 0x10:0xc71fdd48 frame pointer = 0x10:0xc71fdd90 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 12580 (ppp) interrupt mask = none trap number = 12 panic: page fault syncing disks... 7 done Uptime: 2d16h40m24s The eip value corresponds to the first dereference of com->tp in sioioctl(): tp = com->tp; ... term = tp->t_termios; The problem is that the card has been reattached, so com->gone is 0. However com->tp is NULL because the driver has not seen an open() since attachment. It would probably be possible to add a few tests for com->tp != NULL in a few places, but sio.c has bigger problems in this area. It seems that a struct tty will be leaked for every insert/removal too. There is also a missing call to the line discipline's l_close function in the forced detach case. A workaround for the panic, I think, is to remove the card before resuming if you accidentally suspend while ppp is running. Ian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message